...

  1. (optional) Edit /etc/voipnow/local.conf and uncomment the TRUSTED_NET variable, replacing its value with your local network IP and netmask:

    # Access from these networks is always allowed (eg: TRUSTED_NET 10.10.34.12/32 10.10.33.1/24)
    # TRUSTED_NET NETWORK/MASK


  2. It should be changed into something similar to:

    # Access from these networks is always allowed (eg: TRUSTED_NET 10.10.34.12/32 10.10.33.1/24)
    TRUSTED_NET 172.16.100.1/24


  3. Log in to your server and execute the following script: /usr/local/voipnow/admin/sbin/voipnow_firewall

Output sample


    [root@centos6 ~]# /usr/local/voipnow/admin/sbin/voipnow_firewall
    Starting VoipNow firewall configuration...
    Your existing firewall has been saved in /tmp/iptables.20650
    Firewall has been generated and will be cleared in 10 minutes to avoid being locked out in case something went wrong.
    The new rules have been saved into /etc/sysconfig/iptables and will be applied at system boot.
    If everything is correct, please remove the cron job by running:
    /root/core/shell/voipnow_firewall ok


Outcome

The script will:

  • save your existing firewall rules to a temporary file (/tmp/iptables.20650 in the above example);
  • inspect the MySQL database for roles assigned to this role;
  • attempt to detect ports used by each role and apply the corresponding firewall rules;
  • install a "safety net" consisting of a cron job which does a firewall flush after 10 minutes.

...

If everything is okay, run the firewall script again with the ok parameter. This will remove the cron job and leave your newly generated firewall rules in place:

    [root@centos6 ~]# /usr/local/voipnow/admin/sbin/voipnow_firewall ok
    Script called with ok option - removing safety net

To ensure that the cron job was removed, use crontab -l as root.
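
The TRUSTED_NET edit from steps 1 and 2 can be checked before the firewall script is run in step 3. The script below is an added example, not part of VoipNow or of the original article; its function names are hypothetical, it assumes the whitespace-separated IPv4 NETWORK/MASK format shown in the file's own comment, and rejecting a /0 mask is this example's policy choice.

```sh
#!/bin/sh
# Pre-flight check for the TRUSTED_NET line in /etc/voipnow/local.conf.

# Print each network found on active (uncommented) TRUSTED_NET lines.
trusted_nets() {
    awk '$1 == "TRUSTED_NET" { for (i = 2; i <= NF; i++) print $i }' "$1"
}

# Succeed only for a dotted-quad IPv4 address with a mask of 1-32.
# A /0 mask is rejected because it would trust every source address.
valid_cidr() {
    case "$1" in
        */*) addr=${1%/*}; mask=${1#*/} ;;
        *) return 1 ;;
    esac
    case "$mask" in ''|*[!0-9]*) return 1 ;; esac
    [ "$mask" -ge 1 ] && [ "$mask" -le 32 ] || return 1
    case "$addr" in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $addr                # split the address into its octets
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
}

# Fail if TRUSTED_NET is still commented out or any entry is malformed.
check_trusted_net() {
    nets=$(trusted_nets "$1")
    [ -n "$nets" ] || { echo "no active TRUSTED_NET line in $1"; return 1; }
    rc=0
    set -f                      # entries come from a file: no glob expansion
    for net in $nets; do
        if valid_cidr "$net"; then echo "ok: $net"
        else echo "rejected: $net"; rc=1
        fi
    done
    set +f
    return $rc
}

# Constructed sample: the shipped comment line plus the edited line from step 2.
sample=$(mktemp)
printf '%s\n' '# TRUSTED_NET NETWORK/MASK' 'TRUSTED_NET 172.16.100.1/24' > "$sample"
check_trusted_net "$sample" || true
rm -f "$sample"
```

On a real server, call check_trusted_net /etc/voipnow/local.conf instead of using the constructed sample.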

...


Except where otherwise noted, content in this space is licensed under a Creative Commons Attribution 4.0 International.